Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Level3 routing issues?

  • From: Christopher L. Morrow
  • Date: Mon Jan 27 15:17:14 2003


On Mon, 27 Jan 2003, Scott Granados wrote:

>
> Alex, although technically correct, its not practical.  How many end users
> vpn in from home from say a public ip on their dsl modem leaving
> themselves open to attack but now also having this connection back to the
> "Secure" inside network.  Has anyone heard of any confirmed cases of this
> yet?
>

I hate to blow a vendor's horn, BUT... checkpoint has atleast thought this
through with SecureClient. There is the ability to push down on the vpn
client a local security policy that SHOULD allow you to enforce corporate
network security policy on the remote system.

>
> On Mon, 27 Jan 2003 alex@yuriev.com wrote:
>
> >
> > > > Note that in the case of a worm, a VPN could work against you.  If you
> > > > have all the right filters in place at your "perimeter" and yet let
> > > > your employees in through a VPN solution of some sort, you could still
> > > > be screwed if one of their home systems gets infected somehow.
> > >
> > > So what you're saying is that a really good worm could infiltrate any secure
> > > network by targetting those who vpn from exterior sources, collect data, and
> > > then run? Hmmm. Wait a sec. Would that constitute a worm if it had purpose?
> > >
> >
> > This is not correct. VPN simply extends security policy to a different
> > location. A VPN user must make sure that local security policy prevents
> > other traffic from entering VPN connection.
> >
> > Alex
> >
> >
>





Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.